Adobe

Coldfusion

226 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 2.49%
  • Veröffentlicht 13.05.2010 17:30:01
  • Zuletzt bearbeitet 16.06.2026 23:11:39

Cross-site scripting (XSS) vulnerability in an unspecified method in Adobe ColdFusion 8.0, 8.0.1, and 9.0 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

Warnung Exploit
  • EPSS 90.01%
  • Veröffentlicht 15.02.2010 18:30:00
  • Zuletzt bearbeitet 16.06.2026 23:12:42

Unspecified vulnerability in BlazeDS 3.2 and earlier, as used in LiveCycle 8.0.1, 8.2.1, and 9.0, LiveCycle Data Services 2.5.1, 2.6.1, and 3.0, Flex Data Services 2.0.1, and ColdFusion 7.0.2, 8.0, 8.0.1, and 9.0, allows remote attackers to obtain se...

  • EPSS 4.29%
  • Veröffentlicht 03.02.2010 18:30:00
  • Zuletzt bearbeitet 16.06.2026 23:15:39

The default configuration of Adobe ColdFusion 9.0 does not restrict access to collections that have been created by the Solr Service, which allows remote attackers to obtain collection metadata, search information, and index data via a request to an ...

Exploit
  • EPSS 16.14%
  • Veröffentlicht 18.08.2009 22:30:00
  • Zuletzt bearbeitet 16.06.2026 23:08:15

Multiple cross-site scripting (XSS) vulnerabilities in Adobe ColdFusion Server 8.0.1, 8, and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the startRow parameter to administrator/logviewer/searchlog.cfm, or the query s...

  • EPSS 1.77%
  • Veröffentlicht 18.08.2009 22:30:00
  • Zuletzt bearbeitet 16.06.2026 23:08:15

Multiple cross-site scripting (XSS) vulnerabilities in Adobe ColdFusion 8.0.1 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2009-1877.

  • EPSS 2.81%
  • Veröffentlicht 18.08.2009 22:30:00
  • Zuletzt bearbeitet 16.06.2026 23:08:15

Adobe ColdFusion 8.0.1 and earlier might allow attackers to obtain sensitive information via unspecified vectors, related to a "double-encoded null character vulnerability."

  • EPSS 1.77%
  • Veröffentlicht 18.08.2009 22:30:00
  • Zuletzt bearbeitet 16.06.2026 23:08:15

Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 8.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2009-1875.

  • EPSS 2.29%
  • Veröffentlicht 18.08.2009 22:30:00
  • Zuletzt bearbeitet 16.06.2026 23:08:15

Session fixation vulnerability in Adobe ColdFusion 8.0.1 and earlier allows remote attackers to hijack web sessions via unspecified vectors.

  • EPSS 0.73%
  • Veröffentlicht 10.11.2008 14:12:55
  • Zuletzt bearbeitet 16.06.2026 22:58:38

Unspecified vulnerability in Adobe ColdFusion 8 and 8.0.1 and ColdFusion MX 7.0.2 allows local users to bypass sandbox restrictions, and obtain sensitive information or possibly gain privileges, via unknown vectors.

  • EPSS 2.62%
  • Veröffentlicht 09.04.2008 19:05:00
  • Zuletzt bearbeitet 16.06.2026 22:52:11

Adobe ColdFusion 8 and 8.0.1 does not properly implement the public access level for CFC methods, which allows remote attackers to invoke these methods via Flex 2 remoting, a different vulnerability than CVE-2006-4725.